<?php
	header("Content-Type: text/html;charset=utf-8");
	//include("function/_nosql.php"); //
	include("_include.user.judge.php");
	$kboy_userid = $_SESSION['kboy_userid'];
	$kboy_user = $_SESSION['kboy_user'];
	
	$action = chkstr(trim($_REQUEST['action']));
	$message_text = addslashes($_REQUEST['message_text']);
	$message_passcode = chkstr(trim($_REQUEST['message_passcode']));
	$newsid = chkstr(trim($_REQUEST['newsid']));
	if($action == "add"){
		if(strlen($newsid)<1){
			echo erro("请将信息填写完整1");
		}
		if(!is_numeric($newsid)){
			echo erro("请将信息填写完整2");
		}
	
		if(strlen($message_text)<1){
			echo erro("请将信息填写完整3");
		}
		// 验证验证码
		if(strlen($message_passcode)<1){
			echo erro("验证码不能为空");
		}
		if(isNumber($message_passcode) == false){
			echo erro("验证码只能为数字");
		}
		if($message_passcode != $_SESSION['verifyCode']){
			echo erro("验证码错误");
		}
		
		$mysql = new sqlstr("kboy_news_message"); 
		$mysql -> set("message_text",$message_text);
		$mysql -> set("newsid",$newsid);
		$mysql -> set("uid",$kboy_userid);
		$news_sql = $mysql -> insertSql();
		$news_res = mysql_query($news_sql);
		if($news_res){
			echo ok("操作成功","newsview.php?newsid=".$newsid);
		}else{
			echo erro("服务器内部错误");
		}
	}else{
		echo erro("参数错误");
	}
	
	
?>